d28ca72cbbc199fe5d1fac00e11e87c05c75e865f7e29e7aacd4a354892c3c14

Sharing

Copy URL

Twitter E-mail

General

Target

d28ca72cbbc199fe5d1fac00e11e87c05c75e865f7e29e7aacd4a354892c3c14
Size

140KB
MD5

840f1e5e2f8aac04c1aa5b74ea68b21c
SHA1

9584d9f65132165af7cb1968219bbe034fde88e1
SHA256

d28ca72cbbc199fe5d1fac00e11e87c05c75e865f7e29e7aacd4a354892c3c14
SHA512

e9584137567ae644ce0eb39ef67fa47a7140067cce1f3bd3af6d735be768987ba122e41d3f4a076852a14645619909fefa9e07e81cebbe926d1677ca20d1b28b
SSDEEP

3072:lSpPFy59zBkty43QbM3vJD+OktlqvG8SJ:lSPy59zB0AQxSOkSv

Score

N/A

Malware Config

Signatures

Files

d28ca72cbbc199fe5d1fac00e11e87c05c75e865f7e29e7aacd4a354892c3c14
.dll windows x86

cc5a68d117509b79f748c61800558682

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
Sleep
GetCurrentProcessId
LocalAlloc
CloseHandle
CreateEventA
GlobalFree
GetComputerNameW
GetCurrentThread
WaitForSingleObject
WideCharToMultiByte
lstrcpynW
GlobalAlloc
MultiByteToWideChar
GetLocaleInfoA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
FindResourceW
LoadResource
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GetProcessHeap
lstrlenW
lstrcpyW
lstrcatW
lstrcmpiW
LocalFree
IsBadWritePtr
LockResource
FormatMessageW
GetCommandLineA
VirtualProtect
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetProcAddress
ExitProcess
VirtualQuery
RtlUnwind
GetVersionExA
InterlockedExchange
GetSystemInfo

user32

MessageBoxW
wsprintfW
CharNextW
CharPrevW
SendMessageW
SetWindowLongW
GetActiveWindow
SendDlgItemMessageW
SetFocus
IsDlgButtonChecked
DialogBoxParamW

advapi32

RegDeleteValueW
RegDeleteValueA
OpenThreadToken
OpenProcessToken
GetTokenInformation
QueryServiceStatus
StartServiceA
CloseServiceHandle
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW
RegCloseKey

ole32

CoTaskMemFree

rpcrt4

RpcBindingFromStringBindingW
RpcStringFreeW
I_RpcMapWin32Status
NdrClientCall2
RpcStringBindingComposeW
RpcBindingFree
RpcEpResolveBinding
RpcBindingFromStringBindingA
RpcNetworkIsProtseqValidA
NdrFreeBuffer
NdrClientContextUnmarshall
NdrConvert
NdrConformantArrayMarshall
NDRCContextBinding
NdrClientContextMarshall
NdrConformantVaryingArrayUnmarshall
NdrClientInitializeNew
NdrGetBuffer
NdrSendReceive
NdrConformantArrayBufferSize

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc5a68d117509b79f748c61800558682

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 37KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 37KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 3KB - Virtual size: 3KB